• No results found

Image Encryption

N/A
N/A
Info
Download
Protected

Academic year: 2022

Share "Image Encryption"

Copied!
7
0
0

Loading.... (view fulltext now)

Download now ( 7 Page )

Full text

(1)

Sandeep Vashist, IJRIT 75

IJRIT International Journal of Research in Information Technology, Volume 1, Issue 12, December, 2013, Pg. 75-81

International Journal of Research in Information Technology (IJRIT)

www.ijrit.com

ISSN 2001-5569

Image Encryption

1Sandeep Vashist, 2Naveen Kumar, 3Vinod Kumar, 4Pankaj Nainakwal

1 2 3 4 Bachelor of Technology , Dronacharya College of Engineering, Gurgaon

1[email protected], 2[email protected]

3[email protected], 4[email protected]

Abstract

Over the network, the digital content transmission have increased in the past few years.. Security and privacy issues of the transmitted data have become an important concern in multimedia technology.In this paper, we classify various image encryption schemes and analyze them with respect to various parameters like tunability, visual degradation, compression friendliness, format compliance, encryption ratio, speed, and cryptographic security.

Index Terms—MPEG stream, Image Encryption, Compression, Format Compliance, Security.

I. INTRODUCTION

The use of image and video applications has increased dramatically in recent years. When communication bandwidth or storage is limited, data is often compressed. Especially when wireless network is used, low bit rate compression algorithms are needed because of limited bandwidth. On the other hand, encryption operation is also performed if it is necessary to protect information. Traditionally, an appropriate compression algorithm is applied to multimedia data and its output is encrypted by an independent encryption algorithm. This process must then be reversed by decoder. The processing time for encryption and decryption is a major bottleneck in real time image communication and processing. Along with that processing time required for compression and decompression is also important. The computational overhead incurred by encryption and decryption algorithms makes it impossible to handle tremendous amount of data processed [1], [2]. Encrypting the whole compressed bitstream is very expensive both in delay and processing time, it is proposed in literature to only partially encrypt the compressed bitstream, as a matter of fact, although a large portion of the compressed data is left unencrypted, an adequate choice of bits to encrypt still makes it sufficiently difficult to recover the original data without deciphering the encrypted part so that the security of transmission is achieved [2]. The security of digital images has become more and more important due to the rapid evolution of the Internet in the digital world today. The security of digital images has attracted more attention recently, and many different image encryption methods have been proposed to enhance security of images [4].Image encryption techniques try to convert an image to another one that is hard to understand. On the other hand, image decryption retrieves the original image from the encrypted one. There are various image encryption systems to encrypt and decrypt data.

Images are widely used for authorization propose to differentiate between authorized and unauthorized users. For this propose the organization keeps the recorded images into databases. Although different database companies all

(2)

Sandeep Vashist, IJRIT 76 already providing their security control but relying on database security is not enough. Hence, need of image encryptions comes into picture to store images after encrypting them. Not only the authorization domain is using database to store images but also it is better to scan historical sign documents, agreements, and other similar kind of documents which are usually hard to keep safe for further long period of time. In this way, image encryption domain is spreading its roots in most of fields with the advancement in technology.

Advances in multimedia technologies have popularized applications like video conferencing, pay-per-view, Video-On Demand (VOD), video broadcast, etc. In such applications, confidentiality of the video data during transmission is extremely important. This necessitates secure video encryption algorithms. In the na¨ıve approach for video encryption, the MPEG (Moving Picture Expert Group) stream (bit sequence) is treated as text data, and encrypted using standard encryption algorithms like DES (Data Encryption Standard) [7], RC5 (Rivest Cipher), AES (Advanced Encryption Standard), etc. Though this approach is supposedly the most secure for video encryption, it is computationally infeasible for real-time applications. Arguing that the full content of the video is not critical, selective encryption algorithms were proposed. These methods encrypt using simple XOR or encrypt selected bits of the video data (for example, sign bits of I frames, motion vectors, etc.). These encryption algorithms are much faster than selective algorithms. Also, they add less overhead on the codec. (Note that if encryption modifies the syntax of the MPEG bit stream, it adds overhead to the MPEG codecs.) Another category of algorithms is based on scramble (permutation) only methods, where the DCT coefficients are permuted to provide confusion.

However, in most of these methods, computational efficiency comes at the cost of security.

Based on the state of the art in video encryption, we observe that:

• For complete and provable security of the video data, the entire video needs to be encrypted. However, a na¨ıve encryption of the complete video stream is computationally infeasible.

• The encryption algorithm should not be susceptible to attacks like known-plaintext attack and ciphertext- only attack. Computational efficiency should not come at the cost of security.

The rest of the paper is organized as follows: In section II, we describe the preliminaries to understand the background of MPEG and process of encryption/decryption. In Section III, the proposed algorithm for video encryption is described. In section IV, we describe the performance parameters based on which image encryption schemes can be compared or evaluated. In section V, classification and description of these schemes are given. In section VI, performance and comparison of these schemes has been given and finally conclusion is drawn in section VII.

II. PRELIMINARIES

MPEG Background: A MPEG video is composed of a sequence of Group of Pictures (GOPs). Each GOP consists of three types of frames namely I, P and B. I frames are called intra-coded frames and are compressed without reference to any other frames. They are split into non-overlapping blocks which are then compressed using Discrete Cosine Transform (DCT), quantization (Q), zigzag scan, followed by run-length coding and entropy coding (VLC).

Figure 1 shows the block diagram of the MPEG video coding scheme.

The P and B frames are forward predictive and bidirectional predictive coded frames, respectively. These are subjected to compensation by subtracting a motion compensation prediction. Sometimes, P and B frames also have some intra-coded blocks when better efficiency will be obtained using intra-coded compression [4]. These intracoded blocks are called I-blocks in P and B frames.

Encryption/Decryption: The process of converting plaintext to ciphertext is called enciphering or encryption;

restoring plaintext from ciphertext is deciphering or decryption. Both the encryption and decryption algorithms take a key (K) and plaintext/ciphertext as input. In the case of images, plaintext is a set of pixel values arranged in an orderly manner. Encrypting images/videos constitutes reordering these pixel values so that they convey no visual information about the original image. In this case, the DCT coefficients are encrypted in such a way that the content is made illegible for the unauthorized. Only an authorized user can get back the original content using the decryption algorithm.

(3)

Sandeep Vashist, IJRIT 77

Fig. 1 MPEG Video Coding Scheme

In cryptography, a block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation. When encrypting, a block cipher might take an n-bit block of plaintext as input and output a corresponding n-bit block of ciphertext. The exact transformation is controlled using a second input – the secret key. Decryption is similar, takes an n-bit block of ciphertext together with the secret key and outputs the original n-bit block of plaintext. Examples of block ciphers are RC5, AES, DES, Blowfish, etc. We use block ciphers in this work.

A block cipher operates in different modes. The predominant modes are Electronic Code Book (ECB) and Cipher-Block Chaining (CBC). In ECB mode, the plaintext is divided into blocks and each block is encrypted separately. In the CBC mode, each block of plaintext is XORed with the previous ciphertext block before being encrypted. This way, each ciphertext block is dependent on all plaintext blocks processed up to that point. In this mode, changes in the plaintext propagate forever in the ciphertext and encryption cannot be parallelized. Also, decryption cannot be parallelized.

III. ALGORITHM FOR VIDEO ENCRYPTION

This section of the paper describes the proposed encryption scheme. Though we can use any of the algorithms like DES (Feistel Structure), RC5 for encryption, we used RC5 [9] to encrypt the DCT coefficients. RC5 has following suitable characteristics: it is a block-cipher with varying block size (32, 64 or 128 bits), varying key size (0 to 2040 bits) and variable number of rounds (0 to 255) (so that the user can choose the level of security appropriate for his application). It is a fast block cipher with a simple and easy-to analyze structure. It also has adaptable word size in order to suit processors of different word lengths and flexibility of changing the parameters easily [2]. Figure 2 shows the block diagram of the encryption process.

Our approach uses RC5 [9] algorithm with key size of 128 bits and 20 rounds of operation. The pre-processing step of our algorithm is shown in Algorithm 1. The lookup table generated is used in the encryption and decryption stages of the algorithm. It is never modified in the entire process of encryption/decryption.

Algorithm 1 Pre-processing Step — Look-up Table Construction Step 1: Generate all the combinations of quadruples from −20 to 20.

Step 2: Encrypt each quadruple using the ECB mode of RC5 encryption.

Step 3: Use the list of coefficients and their encrypted values as a look-up table for encryption of the AC coefficients.

The pre-processing step could be done before the encryption phase and in fact even before the input (video to be encrypted) is known. For frequently occurring AC quadruple, instead of undergoing the entire process of encryption, a mere look-up serves the purpose. Hence there is a drastic reduction in the encryption time despite the usage of a text based algorithms. Note that this encryption does not compromise the security of the algorithm, since this (look- up) is used only with the relatively less significant AC coefficients.

Since the DC component carries most of the energy, it is the most significant value of the block. The encryption of the DC value plays a key role in the visibility of the video block. Some encryption algorithms only encrypt the

(4)

Sandeep Vashist, IJRIT 78 DC coefficient while simply permutating the ACs [14]. In order to enhance the security, we apply CBC mode for encrypting the DC coefficients rather than the general ECB mode which is applied for the AC coefficients. The proposed scheme of encryption gains its advantages from not only the look-up table but also the dynamism of changing the mode of encryption based on the type of coefficient. Algorithm 2 explains the main encryption.

Algorithm 2 Main Encryption Algorithm Step 1:

for each and every block of a frame do

Step 1.1: Consider four consecutive ACs (ACt, ACt+1, ACt+2, ACt+3).

Step 1.2: Compare these coefficients against the lookup table for a hit or miss if hit then

Replace the 4 AC coefficients with their encrypted values.

else

Apply the ECB mode of RC5 encryption with these ACs as input.

end if

Step 1.3: When DC coefficients are considered, collect four DC coefficient values in a block and encrypt them using the CBC mode of RC5 algorithm.

end for

At the receiver end, the authorized recipient first generates the look-up table for all the combinations of −20 to 20 quadruples and encrypts the quadruples in the way similar to the pre-processing step of the algorithm using the key.

In the generated look-up table, the columns are exchanged and sorted in order to look up for the plain values when the cipher values are known. For obtaining the DC coefficients, the recipient can directly apply general RC5 decryption with the CBC mode.

Sometimes when there is less motion in objects and scenes, the encryption of the I frames in the videos will render the subsequent P/B frames difficult to perceive due to the dependency of the P/B frames on the I frames.

When video content is not highly correlated in the temporal dimension, the I-blocks of the P/B frames will help in partial leakage of the image information [1]. In order to achieve better security, the DCT coefficients of the I-blocks also need to be encrypted. Identifying the I-blocks in P/B frames introduces overhead because one has to go through the entire MPEG bit stream. This time consuming process of identifying the I-blocks makes the naive approach a better choice in many cases [8]. For I-blocks in P and B frames, there is a substitute scheme that encrypts the motion vectors of the video sequence.

We concentrate only on the encryption of I frames because

for real-time applications like pay-per-view there is no need to encrypt the motion vectors. Partial leakage of image information from the I-blocks in P/B frames might persuade a non-paying consumer to buy the video. In order to use our algorithm for applications where the entire video content is important, motion vectors of P and B frames are also encrypted along with I frames. The same look-up table (used for encryption of AC coefficients) can be used for encryption of these motion vectors.

IV. PERFORMANCE PARAMETERS

We need to define a set of parameters based on which we can evaluate and compare image encryption schemes.

Some parameters listed below are gathered from literature.

Tunability (T): It could be very desirable to be able to dynamically define the encrypted part and the encryption parameters with respect to different applications and requirements. Static definition of encrypted part and encrypted parameters limits the usability of the scheme to a restricted set of applications.

Visual Degradation (VD): This criterion measures the perceptual distortion of the image data with respect to the plain image. In some applications, it could be desirable to achieve enough visual degradation, so that an attacker would still understand the content but prefer to pay to access the unencrypted content. However, for sensitive data, high visual degradation could be desirable to completely disguise the visual content.

(5)

Sandeep Vashist, IJRIT 79 Compression Friendliness (CF): An encryption scheme is considered compression friendly if it has no or very little impact on data compression efficiency. Some encryption schemes impact data compressibility or introduce additional data that is necessary for decryption. It is desirable that size of encrypted data should not increase.

Format Compliance (FC): The encrypted bit stream should be compliant with the compressor. And standard decoder should be able to decode the encrypted bit stream without decryption.

Encryption Ratio (ER): This criterion measures the amount of data to be encrypted. Encryption ratio has to be minimized to reduce computational complexity.

Speed (S): In many real-time applications, it is important that the encryption and decryption algorithms are fast enough to meet real time requirements.

Cryptographic Security (CS): Cryptographic security defines whether encryption scheme is secure against brute force and different plaintext-ciphertext attack? For highly valuable multimedia application, it is really important that the encryption scheme should satisfy cryptographic security. In our analysis we measure cryptographic security in three levels: low, medium and high.

V. CLASSIFICATION AND DESCRIPTION OF IMAGE ENCRYPTION SCHEMES

In this section, we classify image encryption schemes in two categories. a. Spatial Domain Schemes b. Frequency Domain Schemes. Section IV.1 describes spatial domain image encryption schemes and section IV.2 presents image encryption schemes in frequency domain.

V.1 Spatial Domain Schemes

V.1.1 Methodology proposed by Cheng And Li (2002)

The author proposed a novel solution called partial encryption [5], in which a secure encryption algorithm is used to encrypt only part of compressed data. They proposed partial encryption for quadtree compression. It allows the encryption and decryption time to be significantly reduced without affecting the compression performance of the underlying compression algorithm. In this scheme, the compression output is partitioned into two parts; one is important and other is unimportant parts. Important parts provide a significant amount of information about original data, whereas remaining part called unimportant parts may not provide much information without important parts.

Encryption will only perform for important parts. A significant reduction in encryption and decryption time is achieved when the relative size of important part is small.

This scheme is not tunable as static parameters are encrypted. High visual degradation can be achieved only with image having high information rate. As encryption is performed after compression, so no impact is observed on compression efficiency. Encryption ratio can vary from 14% to 50%. Brute force attack is possible for low information images where quadtree structure is very simple. So the security level of this scheme is low.

IV.1.2 Methodology proposed by Podesser, Schmitdt and Uhl (2002)

In this [6], selective bitplane encryption using AES is proposed. Several experiments were conducted on 8 bit grayscale images, and the main results retained are following: 1. encrypting only the MSB is not secure; a replacement attack is possible 2. Encrypting the first two MSBs gives hard visual degradation, and 3. Encrypting three bitplanes gives very hard visual degradation.

This scheme is not tunable as fix number of bits are encrypted. For 8 bits per pixel uncompressed image, hard visual degradation (of 9 dB) can be observed for a minimum of 3MSB bits encrypted. This scheme is intended for uncompressed data. Encryption can increase data size so it is not compression friendly. In this scheme encryption is performed before compression, so it is format compliant. At least 3 bit planes over 8 (more than 37.5%) of the bit stream have to be encrypted using AES to achieve sufficient security. even when a secure cipher is used (AES), the selective encryption algorithm proposed is vulnerable to replacement attacks [6]. This attack does not break AES but replaces the encrypted data with an intelligible one. It is worth to note that visual distortion is a subjective criterion and does not allow to measure security as illustrated in this example. Security level of this technique can be scaled as medium.

(6)

Sandeep Vashist, IJRIT 80 V.1.2 Methodology proposed by Droogenbroek and Benedett

This method [4] is proposed for uncompressed image, which applies to a binary image, consist in mixing image data and a message (key) that has the same size as the image: a XOR function is sufficient when the message is only used once. A generalization to gray level images is straightforward: Encrypt each bitplane separately and reconstruct gray level image. With this approach no distinction between bitplanes is introduced although the subjective relevance of each bitplane is not equal. The highest bitplanes exhibit some similarities with the gray level image, but the least significant bitplanes look random. Because encrypted bits also look random, the encryption of least significant bitplanes will add noise to the image. The advantage of least significant bits is that plaintext attacks are harder on random like data. It is preferable to encrypt bits that look most random.

This scheme is tunable. Very high visual degradation can be achieved by encrypting 4 to 5 bitplanes. This technique is used for uncompress image so no impact is observed on compression efficiency. In this scheme encryption ratio vary from 50 to 60%. It is fast as XOR operation takes less time. It is not robust against cryptanalysis attack. So, security level is low.

VI. THE MYSTERIOUS LENA

Anyone who has ever worked on Digital Image Processing is surely acquainted with the image of Lena (aka:

“Lenna”):

I doubt there’s one single book on Digital Image Processing that does not contain this image. The Lena photo can be found on countless scientific papers. Numerous algorithms have been tested using her photo. Lena is definitely a celebrity in the Image Processing community.

But, who is the mysterious Lena after all?!? She’s Lena Söderberg (b. 1951), a Swedish model who is also known by her maiden name Lena Sjööblom / Lenna Sjööblom. She appeared in the centerfold of the November 1972 issue of the Playboy magazine. In mid-1973, engineers at the Signal & Image Processing Institute (SIPI) were searching for good test images. Someone found a copy of the November 1972 issue of the Playboy magazine, and the engineers scanned the centerfold photo of Lena. Over the past decades, the Lena image has been the de facto standard for

(7)

Sandeep Vashist, IJRIT 81 testing Image Processing algorithms. The mysterious Lena is considered the “First Lady of the Internet”, and an

“Information Age Madonna”.

VII.REFERENCES

[1] Shiguo Lian, Dimitris Kanellopoulos, and Giancarlo Ruffo, “Recent Advances in Multimedia Information System Security”, International Journal of Computing and Informatics, Vol. 33, No.1, March 2009, pp. 3-24.

[2] S.lian, Multimedia Content Encryption : Techniques and Application, CRC, 2008.

[3] M. Van Droogenbroeck and R. Benedett, Techniques for a selective encryption of uncompressed and compressed images, “in Proceedings of Advanced Concepts for Intelligent Vision Systems (ACIVS), Ghent,Belgium, September 9-11,2002,pp. 90-97.

[5] L. Qiao and Klara Nahrstedt, “A new algorithm for MPEG video encryption,” in Proc. of First International Conference on Imaging Science System and Technology, 1997, pp. 21–29.

[6] C. Shi and Bharat Bhargava, “A fast MPEG video encryption algorithm,” in Proc. of ACM Multimedia, 1998, pp. 81–88.

[7] Mayank Arya Chandra, Ravindra Purwar, Navin Rajpal,, USIT,GGS IP University Delhi India “Novel Approach of Digital Video Encryption”.

References

Download now ( PDF - 7 Page - 2.20 MB )

Related documents

Randomised trials in context: practical problems and social aspects of evidence based medicine and policy

We describe four important ways in which the evidence from randomised trials is limited or partial: the problem of applying results, the problem of bias in the conduct of

IJCSMC, Vol. 8, Issue. 10, October 2019, pg.137 – 148 A Generic Certificate Verification System for Nigerian Universities

Several approaches have been made to verify certificates and clear the issue of certificate forgery, however, certificate verification method still prevalent today

Nondestructive Monitoring of Structural Materials using Automated Ball Indentation (ABI) Technique

Two examples are shown in Figure 3 demonstrating the correlation of the true σ - ε curves derived from ABI tests and tensile data obtained from subsize miniature tensile specimens

Governing information infrastructures and services in telecommunications

That neo-liberalism had become deeply locked-in as the dominant ideological perspective on telecommunications was abundantly evident relatively early on in the landmark

Study of Plastic Deformation of Soft Materials Under Impact Load

The soft metals and nylon material were used for compression testing to make the extrusion or flow plasticity of materials through the taper die.. It is comparable to the drop

Bracke, Tobit (2006): Nachfolgestudie einer soziodemographischen Erhebung im Rahmen einer Lebensqualitätsstudie bei Langzeit-KMT-Überlebenden. Dissertation, LMU München: Medizinische Fakultät

Zum einen könnte es daran liegen, dass das Angebot einer Psychotherapie nach der KMT für viele unserer Patienten, die ab 1979 transplantiert wurden, nicht oder

A marginalized variational bayesian approach to the analysis of array data

BioMed CentralBMC Proceedings ss Open AcceProceedings A marginalized variational bayesian approach to the analysis of array data Yiming Ying*, Peng Li and Colin Campbell Address Department

Comparative Study of Symmetric Key Cryptographic Algorithms CAST, IDEA, RC, Camellia and SAFER

International Journal of Scientific Research in Computer Science, Engineering and Information Technology CSEIT194424 | Published 11 March 2019 | [ 4 (4) 117 122 ] National Conference